Negating a test

Andreas Ericsson ae at op5.se
Fri Jun 25 11:21:51 CEST 2004

Previous message: Negating a test
Next message: Negating a test
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mike Diehl (Encrypted email preferred) wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi all.
> 
> I'd like to know the easiest way to check if a service is NOT running.
> 
> For example, I want an indication if any of my servers ARE running ftp.
> 

If you're looking to stop wares-guys this approach is doomed to fail, 
since they don't have to run the ftp-server on the standard ftp port 
(and hardly ever do, since it'd be too easy to find them).

Instead you should install some protocol analyzing packetsniffer (like 
snort) and have a data-miner daemon submit passive check-results to 
nagios if it encounters traffic of a certain type.

> What's the easiest way to do this?
> 
> Thanx,
> 
> - -- 
> Mike

-- 
Sourcerer / Andreas Ericsson
OP5 AB
+46 (0)733 709032
andreas.ericsson at op5.se


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Negating a test
Next message: Negating a test
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list